Thailand’s Personal Data Protection Act, better known as the PDPA was approved by the Thai National Legislative Assembly in February 2019. The PDPA came into effect on May 28, 2019 and organizations were given a one-year transition period to bring companies to bring their practices into full compliance by May 27, 2020.
This piece of legislation replicates many sections of the European Union’s General Data Protection Regulation and has introduced provisions relating to prevention of data abuse, consent and data subjects rights.
However, just before the expiration of the grace period, the government has decided to give organizations a further one year period until the end of May 2021 to comply with the requirements of the PDPA due to challenges encountered by many businesses in view of the coronavirus crisis. We will continue to keep you updated in relation to any developments on this matter.